---
# Define resources for this group of hosts here.
lvm_size: 250000
mem_size: 8192
num_cpus: 8

# for systems that do not match the above - specify the same parameter in
# the host_vars/$hostname file
tcp_ports: [ 80, 443, 111, 2049,
    # These 8 ports are used by fedmsg.  One for each wsgi thread.
    3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007]

udp_ports: [ 111, 2049 ]

fas_client_groups: sysadmin-releng,fi-apprentice,sysadmin-noc,sysadmin-veteran

# These are consumed by a task in roles/fedmsg/base/main.yml
fedmsg_certs:
- service: shell
  owner: root
  group: sysadmin
  can_send:
  - logger.log
- service: koji
  owner: root
  group: apache
  can_send:
  - buildsys.build.state.change
  - buildsys.package.list.change
  - buildsys.repo.done
  - buildsys.repo.init
  - buildsys.rpm.sign
  - buildsys.tag
  - buildsys.task.state.change
  - buildsys.untag

# NOTE -- staging mounts read-only
nfs_mount_opts: "ro,hard,bg,intr,noatime,nodev,nosuid,nfsvers=3"
# This is for mizdebsk only in stg.  Put here by threebean.  Cleared with nirik.
sudoers: "{{ private }}/files/sudo/koji01.stg.phx2.fedoraproject.org-sudoers"

koji_server_url: "https://koji.stg.fedoraproject.org/kojihub"
koji_weburl: "https://koji.stg.fedoraproject.org/koji"
koji_topurl: "https://kojipkgs.fedoraproject.org/"

osbs_url: "osbs.stg.fedoraproject.org"
source_registry: "registry.stg.fedoraproject.org"
docker_registry: "candidate-registry.stg.fedoraproject.org"
koji_root: "koji.stg.fedoraproject.org/koji"
koji_hub: "koji.stg.fedoraproject.org/kojihub"


# Add custom iptable rule to allow stage koji to talk to
# osbs-dev.fedorainfracloud.org (will move to stage osbs later, this is for the
# sake of testing).
custom_rules: [
    '-A OUTPUT -p tcp -m tcp -d 209.132.184.60 --dport 8443 -j ACCEPT'
]
